Unrated severityNVD Advisory· Published Feb 21, 2006· Updated Apr 16, 2026

CVE-2006-0827

Description

Cross-site scripting vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

Affected products

Xerox/Workcentre 2322 versions
cpe:2.3:h:xerox:workcentre_232:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:xerox:workcentre_232:*:*:*:*:*:*:*:*
- cpe:2.3:h:xerox:workcentre_232:*:*:pro:*:*:*:*:*
Xerox/Workcentre 2382 versions
cpe:2.3:h:xerox:workcentre_238:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:xerox:workcentre_238:*:*:*:*:*:*:*:*
- cpe:2.3:h:xerox:workcentre_238:*:*:pro:*:*:*:*:*
Xerox/Workcentre 2452 versions
cpe:2.3:h:xerox:workcentre_245:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:xerox:workcentre_245:*:*:*:*:*:*:*:*
- cpe:2.3:h:xerox:workcentre_245:*:*:pro:*:*:*:*:*
Xerox/Workcentre 2552 versions
cpe:2.3:h:xerox:workcentre_255:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:xerox:workcentre_255:*:*:*:*:*:*:*:*
- cpe:2.3:h:xerox:workcentre_255:*:*:pro:*:*:*:*:*
Xerox/Workcentre 2652 versions
cpe:2.3:h:xerox:workcentre_265:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:xerox:workcentre_265:*:*:*:*:*:*:*:*
- cpe:2.3:h:xerox:workcentre_265:*:*:pro:*:*:*:*:*
Xerox/Workcentre 2752 versions
cpe:2.3:h:xerox:workcentre_275:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:xerox:workcentre_275:*:*:*:*:*:*:*:*
- cpe:2.3:h:xerox:workcentre_275:*:*:pro:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.xerox.com/downloads/usa/en/c/cert_XRX06_001.pdfnvdPatchVendor Advisory
secunia.com/advisories/18952nvdVendor Advisory
www.securityfocus.com/bid/16727nvd
www.vupen.com/english/advisories/2006/0668nvd
exchange.xforce.ibmcloud.com/vulnerabilities/24806nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000